Comments (3)
Ran across this in other cryptos. A temporary solution is to delete the seed and password from the config file after the node is running. Of course if for some reason the node is stopped, the seed and password has to be added to the config file before starting.
from waves.
Hello!
As you can see here, in the configuration file for node, in the section wallet
, can be specified the following parameters:
- Pathway for the file
wallet.dat
with encrypted seed for address of the node. password
to encrypt the seed.- Seed, as
base58 encoded string
.
You can encode mnemonic passphrase from your address -> to base58 encoded seed <- from text, using some base58 converter.
So, while base58 seed
and password
there is specified in your node.conf
,
your wallet.dat
can be restored from this data, even if this file will be damaged or corrupted.
But, if you afraid that someone can copy this data on VPS
, from your node.conf
,
and then access to your node address,
you can just, yourself, comment or delete this strings:
password
and base58 seed
, but after the creation the file wallet.dat
(after first running).
In this case, you need to enter password
manually, for each running of the WAVES FULL NODE
, because wallet.dat
, contains ENCRYPTED by PASSWORD
, seed,
or priv from the main address, and addresses, on the node.
Be careful with keyboard layout, and consecutive of symbols,
because nothing no display, while you entering that password
.
This action is your "/wallet/unlock"
, after each running the node.
And according this definition private key or seed must be in memory, for working node,
to validate transaction, and generate new blocks, and sign this.
Also, addresses on the node, you can see here http://127.0.0.1:6869/addresses
and you can generate this addresses, or delete this, after you running you node.
http://127.0.0.1:6869/api-docs/index.html
from waves.
This is an old request, but there isn't really any suggestions on how to secure this, Pretty much its just start the node and then delete sensitive information... which obviously means needing the wallet data every time you want to restart... not an optimal solution.
I would propose a change in the way that mining works. My suggestion is something like this:
A node that generates its own wallet address and private key that is stored in memory but not shared with the node owner.
A node owner adds their private wallet address (a unique address not attached to their node) to their config file.
A new transaction type (mining_transaction) that has a zero send fee.
Upon a successful rolled block, the node automatically sends the transaction to the node owners private wallet using the new transaction type 0 thus no added fees.
In this case if anyone ever hacked the node server or if some hosting employee decides its time to steel crypto and quit their job there is nothing in the node config - just a single address with no keys, passwords, or details.
Just an idea that I hope might add some ideas behind this very old suggestion.
from waves.
Related Issues (20)
- Nodes don't stay synced on new chain HOT 1
- Create a discord server for support HOT 1
- Failed ethereum transactions have no additional info HOT 2
- Error in Appender: Negative transfer amount after block 2871360 HOT 2
- v1.3.9 keep exit for "Negative transfer amount = -15220" at block 2871360 HOT 1
- critical / high CVEs HOT 1
- 9011b93b722cd9c803375a910be081251f27860
- Allow underscore char in function names HOT 2
- Pruned blockchain or "light" node operation? (This is actually more of a question than a feature request)
- transaction type 17 not supported HOT 1
- Assets balances API endpoint does not return issueTransaction HOT 1
- Failing on sync HOT 4
- NodeException{code=112, message=State check failed. Reason: Transactions from non-scripted accounts must have exactly 1 proof} HOT 4
- There's no option do disable cors on new node version HOT 3
- Error when apply block 3173293 HOT 2
- Block height for fetchEvaluate method
- waves 1.4.13 can not start with out of memory error but host memory is enough HOT 2
- WEP 6: Lease expiry HOT 1
- Storage version 1 is not compatible with expected version 2 with Waves v1.5.3
- Transferring funds broken
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from waves.